Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
On 21 Nov 2014, at 10:30, Hannes Mehnert <hannes@xxxxxxxxxxx> wrote:
>
> While this is better than the current implementation (which uses
> OCaml's Random, which on Xen is seeded very deterministically if I
> understand that code correctly
> https://github.com/ocaml/ocaml/blob/638a953bcf61678307fa5d0e1a969aaaf3f1ab20/byterun/sys.c#L364),
> it is too easy to get it wrong (running the same unikernel image
> several times with the same seed) that I don't feel comfortable to
> ship mirage(-tls) with that.

Bear in mind that we need some sort of a non-vchan solution for existing VMs even when the vchan solution does work, to cope with existing cloud providers. We just need to augment the one-time-pad here with some more Xen-specific environmental sources. There may be some inspiration here:

http://www.ieee-security.org/TC/SP2014/papers/Not-So-RandomNumbersinVirtualizedLinuxandtheWhirlwindRNG.pdf

Another alternative we could do in the short term is just to pass the 16 bytes-every-10-minutes directly via Xenstore instead of a full-blown Vchan. This would just require a daemon in dom0 to be run that does this.

The paper above also notes that the Xenstore hooks are useful to reinject fresh entropy upon suspend/resume, which couldn't be done easily in a pure vchan solution.

-anil

_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
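The failure mode and the mitigation discussed in this message, as an added example that is not part of the original message and is not MirageOS or mirage-entropy code: two domains booted from one image with the same baked-in seed emit identical output until each receives its own 16 bytes, and the same holds for one snapshot resumed twice. The `GuestPool` class, the HMAC-SHA256 mixing and the function names are assumptions made for illustration; the dom0-written Xenstore value is passed in as a plain argument.

```python
import copy
import hashlib
import hmac

SEED_LEN = 16  # bytes per injection, the size proposed in the message


class GuestPool:
    """Toy guest-side pool, constructed for this example (not mirage-entropy)."""

    def __init__(self, image_seed: bytes):
        # A seed baked into the image is identical on every boot of that image.
        self.state = hashlib.sha256(b"init" + image_seed).digest()

    def _step(self, label: bytes, data: bytes = b"") -> bytes:
        return hmac.new(self.state, label + data, hashlib.sha256).digest()

    def reseed(self, fresh: bytes) -> None:
        # Mix into the old state instead of replacing it, so a weak or
        # repeated injection never leaves the pool worse off than before.
        if len(fresh) != SEED_LEN:
            raise ValueError("expected %d bytes from dom0" % SEED_LEN)
        self.state = self._step(b"reseed", fresh)

    def random_bytes(self) -> bytes:
        """Return 32 output bytes and ratchet the state forward."""
        out = self._step(b"out")
        self.state = self._step(b"next")
        return out


def boot_twice(image_seed: bytes, fresh_a: bytes, fresh_b: bytes):
    """Boot two domains from one image; return outputs before/after injection."""
    a, b = GuestPool(image_seed), GuestPool(image_seed)
    before = (a.random_bytes(), b.random_bytes())
    a.reseed(fresh_a)  # stands in for reading the dom0-written Xenstore key
    b.reseed(fresh_b)
    return before, (a.random_bytes(), b.random_bytes())


def resume_twice(pool: GuestPool, fresh_a=None, fresh_b=None):
    """Resume one suspended snapshot twice, optionally reinjecting on resume."""
    a, b = copy.deepcopy(pool), copy.deepcopy(pool)
    if fresh_a is not None:
        a.reseed(fresh_a)
        b.reseed(fresh_b)
    return a.random_bytes(), b.random_bytes()
```
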